Tag: IIS Misconfiguration

• Bounty – HackTheBox

  Scanning I started with my standard nmap scan. Only one port opened, which I verified by running a scan against all ports as well. Enumeration – HTTP Port 80 There’s just an image here of Merlin with nothing else. Scanning with gobuster found something interesting. Unfortunately, this directory wasn’t working. No vhosts on the box…

  Captain Nemo

  April 7, 2022

  HackTheBox, Uncategorized

  Arbitrary File Upload, HackTheBox, IIS Misconfiguration, Impersonation, JuicyPotato